RIBridges Alert On December 13, 2024, the State was informed by its vendor, Deloitte, that there was a major security threat to the RIBridges system. In response, we have proactively taken the system offline so that the State and Deloitte can work to address the threat and restore the system as quickly as possible. Additionally, Deloitte confirmed that there is a high probability that a cybercriminal has obtained files with personally identifiable information from RIBridges. NEW 12/15: RIBridges Data Breach Call Center Now Available In response to the RIBridges data breach, Deloitte has contracted with Experian to run a multilingual call center. A toll-free hotline will open today, Sunday, December 15, from 11 a.m. to 8 p.m. at 833-918-6603. The reference number for the Rhode Island incident is B137035. You may be asked for it when you call. Please note that this is a different code than the one impacted individuals will receive to sign up for free credit monitoring. After Sunday, December 15, the hotline will be open Mondays through Fridays from 9 a.m. to 9 p.m. Call center staff will be able to provide general information about the breach as well as steps customers can take now to protect their data. Unfortunately, as the analysis of the data involved is still happening, call center staff will not be able to confirm whether a particular individual’s data is or is not included in the breach at this time. Updates on Restoring RIBridges Forthcoming We will provide updates as the State continues to address the situation. At this time, the State and Deloitte are focused on addressing the threat. Information about Customer Accounts and Applying for BenefitsWe understand this is an alarming situation for our customers. Current customers will not be able to log into their account through the portal or the mobile app while the system is offline. Updates will be made available on this webpage. Rhode Islanders seeking to apply for benefits can still submit a paper application. The application and instructions can be found online under “Apply by Mail” at https://dhs.ri.gov/apply-now Details about the Data Breach To the best of our knowledge, any individual who has received or applied for health coverage and/or health and human services programs or benefits could be impacted by this breach. The programs and benefits managed through the RIBridges system include but are not limited to: Medicaid, Supplemental Nutrition Assistance Program (SNAP), Temporary Assistance for Needy Families (TANF), Child Care Assistance Program (CCAP), Health coverage purchased through HealthSource RI Rhode Island Works (RIW), Long-Term Services and Supports (LTSS), and General Public Assistance (GPA) Program. While the analysis of the breach is still underway, unfortunately, Deloitte has indicated that the information involved may include names, addresses, dates of birth and Social Security numbers, as well as certain banking information, but is still assessing the situation. What You Can Do Households that have had personal information compromised will receive a letter by mail from the State that explains how to access free credit monitoring. A dedicated call center for impacted customers will be available Sunday, December 15 from 11 a.m. to 8 p.m. After Sunday, the call center will be open Mondays through Fridays from 9 a.m. to 9 p.m. EDT. The toll-free hotline is 833-918-6603. The reference number for the Rhode Island incident is B137035. We are currently unaware of any identity theft or fraud related to this data breach. However, we advise customers to remain vigilant and monitor their accounts for any unauthorized activity. This includes: Taking steps to freeze credit and/or place a fraud alert through the three major credit bureaus. Visit https://www.usa.gov/credit-freeze for more information and see contact information for the three credit bureaus below. As a best practice, customers should change any common or reused passwords to a new strong and unique one. Using a safe and secure password manager is the most effective way to reduce risks of password misuse. Customers can also call their bank to ask what steps may be taken related to the security of their bank account. We appreciate your patience as we continue to gather additional actionable information. We will provide updates as we receive them. Please continue to monitor this webpage. Credit Bureau Equifax Experian TransUnion Online https://www.equifax.com/personal/credit-report-services https://www.experian.com/help/ https://www.transunion.com/customer-support/ By Phone 1-888-298-0045 1-888-397-3742 1-800-916-8800 By Mail: Fraud Alert (alerting one alerts them all) Equifax Fraud Alert, P.O. Box 105069, Atlanta GA 30348-5069 Experian Fraud Alert, P.O. Box 9554, Allen TX, 75013 TransUnion Fraud Alert, P.O. Box 2000, Chester, PA 19016 By Mail: Credit Freeze (each bureau must be alerted individually) Equifax Credit Freeze Alert, P.O. Box 105788, Atlanta GA 30348-5788 Experian Credit Freeze, P.O. Box 9554, Allen TX, 75013 TransUnion Credit Freeze, P.O. Box 160, Chester, PA 19094 Details about the Threat On December 5, the State was informed by its vendor, Deloitte, that the RIBridges data system was the target of a potential cyberattack. At that time, it was unclear if any sensitive information was breached. At that time, appropriate federal law enforcement and agencies were notified, as well as the Rhode Island State Police. After consultation with our state IT department, Deloitte immediately implemented additional security measures and started to assess the threat. It was important, for security reasons, to keep this knowledge internal until we could secure the RIBridges system. At the same time, our team began an investigation into what data may have been compromised, and how a possible attack was able to occur. On December 10, the State received confirmation from Deloitte that there had been a breach of the RIBridges system based on a screenshot of file folders sent by the hacker to Deloitte. On December 11, Deloitte confirmed that there is a high probability that the implicated folders contain personally identifiable information from RIBridges. On December 13, Deloitte confirmed there was malicious code present in the system, and the State directed Deloitte to shut RIBridges down to remediate the threat. State police and federal law enforcement are involved in an advisory capacity and no further leads have been provided.